IP filtering policies control access to managed APIs. An IP filtering policy defines a set of access rules that determine the IP addresses that are allowed to access an API and the IP addresses that are blocked from accessing an API. You must be assigned the Deployer role to assign IP filtering policies to managed APIs.
When API Center receives a request to access a managed API, it checks the request IP address against the rules in the policy, in the order that the rules are listed in. API Center applies the first rule that matches the request IP address to the request. To allow access to specific IP addresses and deny access to all other IP addresses, add the rule that denies access before the rules that allow access. To deny access to specific IP addresses and allow access to all other IP addresses, add the rule that allows access before the rules that deny access.
IP Filtering Policy Example
The following table lists rules that allow access to specific IP address ranges, and deny access to all other IP addresses: